Security Engineer, Application Security

Greater NYC Area
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural at Affirm, enabling the company to succeed in building honest financial products. The Security team's posture increases security and reduces risk while securely enabling access to information for those who need it.

What You'll Do

  • Develop application security and product best practices to standardize security practices.
  • Provide security design reviews and code reviews to the organization to ensure that product features meet security requirements and best practices.
  • Review, analyze, and evaluate both internally developed software and vendor products and procedures to address security requirements and concerns.
  • Serve as subject matter expert for static and dynamic analysis security tools.
  • Work with DevOps engineers to integrate static and dynamic analysis security tools into CI/CD pipelines.
  • Interpret security tool findings, third-party penetration testing results, and bug bounty program submissions.
  • Provide vulnerability remediation guidance and mentoring to product development software engineers.
  • Develop company-wide security projects and processes to discover security defects in source code, dependencies, and/or other artifacts.
  • Develop and improve documentation on security processes and procedures.
  • Build metrics to track security defects and automate the collection of security information to derive metrics.
  • Enable automation of product security testing and find innovative ways to scale the security team.
  • Evaluate new technologies, tools, and/or development techniques that impact security.

What We Look For

  • Team player with a strong work ethic; attention to detail is a must.
  • Ability to communicate effectively with business representatives, explaining security topics clearly and, where necessary, in layman's terms.
  • Experience with Cloud and virtualized technology in environments such as AWS or GCP.
  • Ability to efficiently communicate security to any audience, such as explaining vulnerabilities and weaknesses in the OWASP Top 10, WASC, and/or CWE 25 and discussing effective defensive techniques and countermeasures with both business and engineering staff.
  • Deep understanding of network protocols such as HTTP and SSL/TLS.
  • Familiar with means to defend modern Web applications and APIs.
  • Familiarity with dynamic and static analysis tools and ability to interpret dynamic/static analysis tool and penetration test results and describe issues and fixes to non-security experts.
  • Familiarity with common reconnaissance, exploitation, and post-exploitation frameworks.
  • Deep understanding of continuous integration / continuous deployment processes and tools.
  • Ability to automate tasks using a scripting language (Python, Shell, etc).
  • Ability to program in Python; experience with JavaScript is a plus.
  • Security certification such as CISSP, OSCP is a plus.
  • BA/BS degree in a related field or equivalent experience is a plus.

At Affirm, "People Come First" is a core value and that’s why diversity and inclusion are vital to our priorities as an equal opportunity employer. You can learn more about our D&I efforts here.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • JavaScript (Languages)
    • Kotlin (Languages)
    • Python (Languages)
    • Swift (Languages)
    • Google Analytics (Analytics)
    • Balsamiq (Design)
    • Illustrator (Design)
    • InVision (Design)
    • Photoshop (Design)
    • Sketch (Design)
    • Asana (Management)
    • Confluence (Management)
    • JIRA (Management)
    • Medium (CMS)
    • Salesforce (CRM)
    • Marketo (Lead Gen)

Location

Affirm's office is located in the NOMAD neighborhood! The North of Madison neighborhood has great coffee shops, restaurants, and bars.

An Insider's view of Affirm

What’s the vibe like in the office?

I was originally based in our San Francisco office and recently transitioned to our NYC office. I love the NYC office because it feels like a true start-up! I get the best of both worlds. A growing start-up with infrastructure and stability but with the excitement of a small office and team.

Jeremy

Software Engineer

What are some things you learned at the company?

I've learned that staying true to Affirm's consumer-first mission requires a nearly daily commitment to it from the whole company with respect to how decisions are made, which goals are set, & what we decide to build. Sharing this clear north star with my coworkers allows us to connect & align on a deeper level - we're all here for the same reason.

Niki

Group Product Manager

What’s the vibe like in the office?

The New York office combines the tight-knit, friendly culture of a smaller startup with the huge projects of a scaled-out company, all while located in the heart of the world's best city. People in NYC are generally hard working, laid back, and fun to talk to.

Noam

Software Engineer

What are Affirm Perks + Benefits

Affirm Benefits Overview

- Lead a healthy life: Generous coverage for health, dental, vision, life and disability insurances for you and your dependents.
- Learn and grow: We offer a significant stipend toward your personal career development.
- Be there when it counts: Take care of your loved ones with our parental leave, and find support at the office with our dedicated Mother's room and [email protected] Employee Resource Group.
- Take Time Off: We offer generous paid time off so you can always be at your best.
- Eat well: We cater meals daily.
- Commute carefree: We subsidize the cost of transportation for you getting to and from work.
- Feel invested: We offer meaningful equity so you have ownership in what we are building.
- Get active: You can apply our monthly wellness stipend toward fitness classes and memberships.
- Know the product: We offer a monthly stipend for purchases with Affirm.

Culture
Volunteer in local community
Affirm has an active [email protected] group that organizes regular events to give back to the community.
Friends outside of work
Eat lunch together
Intracompany committees
Our Diversity and Inclusion Council is comprised of Affirmers from across all organizations and levels working together to build towards a more diverse and inclusive workforce.
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Open office floor plan
Diversity
Dedicated Diversity/Inclusion Staff
Diversity manifesto
Someone's primary function is managing the company’s diversity and inclusion initiatives
Health Insurance & Wellness Benefits
Vision Benefits
The vision benefits plan covers 100% for annual eye exams with $250 for glasses and contact lenses.
Health Insurance Benefits
Acme's health insurance policy covers up to 95% of out of pocket expenses.
Wellness Programs
Retirement & Stock Options Benefits
401(K)
Company Equity
Child Care & Parental Leave Benefits
Generous Parental Leave
Affirm supports paid parental leave for periods of disability and for baby bonding.
Family Medical Leave
Affirm provides leaves of absences for eligible employees under the federal Family and Medical Leave Act (FMLA) and California Family Rights Act (CFRA).
Vacation & Time Off Benefits
Unlimited Vacation Policy
Paid Holidays
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Free Daily Meals
Stocked Kitchen
Happy Hours
Fitness Subsidies
Professional Development Benefits
Job Training & Conferences
Diversity Program
Lunch and learns
Promote from within